A.2 Nnssaaf_NSSAA API
29.5263GPP5G SystemNetwork Slice-Specific and SNPN Authentication and Authorization servicesRelease 17Stage 3TS
openapi: 3.0.0
info:
title: Nnssaaf_NSSAA
version: 1.1.0
description: |
Network Slice-Specific Authentication and Authorization Service.
© 2022, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC).
All rights reserved.
externalDocs:
description: 3GPP TS29.526, NSSAA Service, version 17.5.0.
url: https://www.3gpp.org/ftp/Specs/archive/29_series/29.526/
servers:
– url: ‘{apiRoot}/nnssaaf-nssaa/v1’
variables:
apiRoot:
default: https://example.com
description: apiRoot as defined in clause 4.4 of 3GPP TS 29.501
security:
– {}
– oAuth2ClientCredentials:
– nnssaaf-nssaa
paths:
/slice-authentications:
post:
summary: Create slice authentication context
operationId: CreateSliceAuthenticationContext
tags:
– Slice Authentication Context Creation
requestBody:
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthInfo’
required: true
responses:
‘201’:
description: SliceAuthContext
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthContext’
headers:
Location:
description: ‘Contains the URI of the newly created resource according to the structure: {apiRoot}/nnssaaf-nssaa/v1/slice-authentications/{authCtxId}’
required: true
schema:
type: string
‘307’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/307’
‘308’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/308’
‘400’:
description: Bad Request from the AMF
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
‘403’:
description: Forbidden due to slice authentication rejected
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
‘404’:
description: User does not exist
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
‘504’:
description: Network error or remote peer error
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
callbacks:
reauthenticationNotification:
‘{request.body#/reauthNotifUri}’:
post:
requestBody:
required: true
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthReauthNotification’
responses:
‘204’:
description: slice re-authentication notification response
‘307’:
description: Temporary Redirect
content:
application/json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/RedirectResponse’
headers:
Location:
description: ‘The URI pointing to the resource located on the redirect target’
required: true
schema:
type: string
‘308’:
description: Permanent Redirect
content:
application/json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/RedirectResponse’
headers:
Location:
description: ‘The URI pointing to the resource located on the redirect target’
required: true
schema:
type: string
‘400’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/400’
‘404’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/404’
‘500’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/500’
‘503’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/503’
default:
description: Unexpected error
revocationNotification:
‘{request.body#/revocNotifUri}’:
post:
requestBody:
required: true
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthRevocNotification’
responses:
‘204’:
description: slice revocation notification response
‘307’:
description: Temporary Redirect
content:
application/json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/RedirectResponse’
headers:
Location:
description: ‘The URI pointing to the resource located on the redirect target’
required: true
schema:
type: string
‘308’:
description: Permanent Redirect
content:
application/json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/RedirectResponse’
headers:
Location:
description: ‘The URI pointing to the resource located on the redirect target’
required: true
schema:
type: string
‘400’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/400’
‘404’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/404’
‘500’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/500’
‘503’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/503’
default:
description: Unexpected error
/slice-authentications/{authCtxId}:
put:
summary: Confirm the slice authentication result
operationId: ConfirmSliceAuthentication
tags:
– Confirm Slice Authentication
parameters:
– name: authCtxId
in: path
required: true
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthConfirmationData’
responses:
‘200’:
description: Request processed (EAP success or Failure)
content:
application/json:
schema:
$ref: ‘#/components/schemas/SliceAuthConfirmationResponse’
‘307’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/307’
‘308’:
$ref: ‘TS29571_CommonData.yaml#/components/responses/308’
‘400’:
description: Bad Request
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
‘500’:
description: Internal Server Error
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
‘504’:
description: Network error or remote peer error
content:
application/problem+json:
schema:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/ProblemDetails’
components:
securitySchemes:
oAuth2ClientCredentials:
type: oauth2
flows:
clientCredentials:
tokenUrl: ‘{nrfApiRoot}/oauth2/token’
scopes:
nnssaaf-nssaa: Access to the nnssaaf-nssaa API
schemas:
#
# COMPLEX TYPES:
#
SliceAuthInfo:
type: object
properties:
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
eapIdRsp:
$ref: ‘#/components/schemas/EapMessage’
amfInstanceId:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/NfInstanceId’
reauthNotifUri:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Uri’
revocNotifUri:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Uri’
required:
– gpsi
– snssai
– eapIdRsp
SliceAuthContext:
type: object
properties:
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
authCtxId:
$ref: ‘#/components/schemas/SliceAuthCtxId’
eapMessage:
$ref: ‘#/components/schemas/EapMessage’
required:
– gpsi
– snssai
– authCtxId
– eapMessage
SliceAuthConfirmationData:
type: object
properties:
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
eapMessage:
$ref: ‘#/components/schemas/EapMessage’
required:
– gpsi
– snssai
– eapMessage
SliceAuthConfirmationResponse:
type: object
properties:
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
eapMessage:
$ref: ‘#/components/schemas/EapMessage’
authResult:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/AuthStatus’
required:
– gpsi
– snssai
– eapMessage
SliceAuthReauthNotification:
type: object
properties:
notifType:
$ref: ‘#/components/schemas/SliceAuthNotificationType’
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
supi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Supi’
required:
– notifType
– gpsi
– snssai
SliceAuthRevocNotification:
type: object
properties:
notifType:
$ref: ‘#/components/schemas/SliceAuthNotificationType’
gpsi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Gpsi’
snssai:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Snssai’
supi:
$ref: ‘TS29571_CommonData.yaml#/components/schemas/Supi’
required:
– notifType
– gpsi
– snssai
#
# SIMPLE TYPES:
#
SliceAuthCtxId:
type: string
description: contains the resource ID of slice authentication context
nullable: false
EapMessage:
type: string
format: byte
description: contains an EAP packet
nullable: true
#
# ENUMS:
#
SliceAuthNotificationType:
type: string
enum:
– SLICE_RE_AUTH
– SLICE_REVOCATION